_.each(requests, function(r, key) { // If no method provided, default to GET r.method = (typeof r.method === 'string') ? r.method.toLowerCase() : 'get'; r.url = getFinalUrl(req, r); if (!validator.isURL(r.url)) { err = makeValidatonError(key, 'Invalid URL'); } if (!validator.isIn(r.method, methods)) { err = makeValidatonError(key, 'Invalid method'); } if (r.body !== undefined) { if (!validator.isIn(r.method.toLowerCase(), ['put', 'post', 'options'])) { err = makeValidatonError(key, 'Request body not allowed for this method'); } } if (params.allowedHosts !== null) { requestHost = url.parse(r.url).host; if (params.allowedHosts.indexOf(requestHost) === -1) { err = { error: { 'message': 'Cannot make batch request to a host which is not allowed', 'host': requestHost, 'type': 'ValidationError' } }; } } });
function runValidation(key, args, value) { // currently only supports: // is, isURL, isEmail, len, notEmpty, notIn switch (key) { case 'is': if (!validator.matches(value, args.value)) return args.key; break; case 'isURL': if (!validator.isURL(value) && !validator.isNull(value)) return args.key; break; case 'isEmail': if (!validator.isEmail(value) && !validator.isNull(value)) return args.key; break; case 'len': { const [min, max] = args.value; if (!validator.isLength(value, min, max)) return args.key; break; } case 'notEmpty': if (validator.isNull(value)) return args.key; break; case 'notIn': if (validator.isIn(value, args.value)) return args.key; if (typeof value === 'string' && validator.isIn(value.toLowerCase(), args.value)) return args.key; break; case 'isInt': if (!validator.isInt(value) && !validator.isNull(value)) return args.key; } return null; }
return new Promise( (resolve, reject) => { let objRet = {}; if (status !== utils.OPERATION_STATUS.DELETE && status !== utils.OPERATION_STATUS.SELECT) { master['identify'] = validator.trim(validator.escape(master['identify'].toString() || '')); master['name'] = validator.trim(validator.escape(master['name'].toString() || '')); master['gender'] = validator.trim(validator.escape(master['gender'].toString() || '')); master['dob'] = validator.trim(master['dob'].toString() || ''); master['social_number'] = validator.trim(validator.escape(master['social_number'].toString() || '')); master['active'] = validator.trim(validator.escape(master['active'].toString() || '')); if (validator.isNull(master['name'])) objRet['name'] = 'Nome é de preenchimento obrigatório.'; if (validator.isNull(master['identify'])) objRet['identify'] = 'Identificador é de preenchimento obrigatório.'; if (validator.isNull(master['gender'])) objRet['gender'] = 'Sexo é de preenchimento obrigatório.'; else if (!validator.isIn(master['gender'], ['M', 'F'])) objRet['gender'] = 'Sexo informado não é válido.'; if (validator.isNull(master['dob'])) objRet['dob'] = 'Data de nascimento é de preenchimento obrigatório.'; else if (!validator.isDate(master['dob'])) objRet['dob'] = 'Data de nascimento informada não é válida.'; if ((!validator.isNull(master['active'])) && (!validator.isIn(master['active'], [0, 1]))) objRet['active'] = 'Status informado não é válido.'; } if (status === utils.OPERATION_STATUS.UPDATE || status === utils.OPERATION_STATUS.SELECT || status === utils.OPERATION_STATUS.DELETE) { console.log('OPERATION_STATUS.DELETE'); master['_id'] = validator.trim(validator.escape(master['_id'].toString() || '')); let idNull = validator.isNull(master['_id']); if (idNull) objRet['_id'] = 'Id do administrador é de preenchimento obrigatório.'; if (!idNull && (!validator.isMongoId(master['_id']))) objRet['_id'] = 'Id do administrador informado é inválido.'; } if (Object.keys(objRet).length !== 0) { reject(objRet); } else { resolve(master); } });
Validation.validateDataType = function(dataType) { var errors = []; if (!dataType.name) { errors.push(Validation.MISSING_DATA_TYPE_NAME); } if (dataType.name && dataType.name.length < Validation.DATA_TYPE_NAME_MIN_LENGTH) { errors.push(Validation.DATA_TYPE_NAME_TOO_SHORT); } if (dataType.name && dataType.name.length > Validation.DATA_TYPE_NAME_MAX_LENGTH) { errors.push(Validation.DATA_TYPE_NAME_TOO_LONG); } if (!dataType.model) { errors.push(Validation.MISSING_DATA_TYPE_MODEL); } if (!validator.isIn(dataType.model, Validation.DATA_TYPE_MODELS)) { errors.push(Validation.INVALID_DATA_TYPE_MODEL + dataType.model); } if (!dataType.schema || _.isEmpty(dataType.schema)) { errors.push(Validation.MISSING_DATA_TYPE_SCHEMA); } if (!validator.isJSON(JSON.stringify(dataType.schema)) || !_.isObject(dataType.schema)) { errors.push(Validation.INVALID_SCHEMA + dataType.schema); } return errors.length ? errors : null; };
Validation.validateSubject = function(subject) { var errors = []; if (!validator.isInt(subject.type) || _.parseInt(subject.type) <= 0) { errors.push(Validation.INVALID_DATA_TYPE_ID + subject.type); } if (subject.tags && !_.isArray(subject.tags)) { errors.push(Validation.INVALID_TAG + subject.tags); } // silently fix sex errors if (!subject.sex || !validator.isIn(subject.sex, ['M', 'F', 'N.D.', 'UNKNOWN', 'UNDIFFERENTIATED'])) { subject.sex = 'N.D.'; } /* if (subject.personalInfo && !validator.isInt(subject.personalInfo)) { errors.push(Validation.INVALID_PERSONAL_INFO_ID + subject.personalInfo); } */ /* // is Metadata required for Subjects?? * if (!data.metadata || _.isEmpty(data.metadata)) { errors.push(Validation.MISSING_METADATA); } */ if (!validator.isJSON(JSON.stringify(subject.metadata)) || !_.isObject(subject.metadata)) { errors.push(Validation.INVALID_METADATA + subject.metadata); } errors.forEach(function(error) { console.log(error); }); return errors.length ? errors : null; };
fileFilter: function(req, file, cb){ // file filter operations var allowed_img_ext = ['.jpg','.jpeg','.png','.gif','.bmp']; console.log(file); if (file) // img file not mandatory if (validator.isIn(path.extname(file.originalname).toLowerCase(), allowed_img_ext)) cb(null, true); else cb(null, false); } });
isIn: function(options, field, attrs) { if(validator.isIn(attrs[field], options)){ return new Suc(attrs) } else { return new Fail(new FormError(field, { code: 'not_in', options: options, message: q(field)+' must be one of '+ listFormat('or', options) })); } },
function extractAgeGroup(req) { const now = new Date().getFullYear(); function calc(min, max) { return {max_year: now - min, min_year: now - max}; } if (!_.isEmpty(req.query.agegroup) && validator.isIn(req.query.agegroup, ['20-29', '30-34', '35-39', '40-44', '45-49', '50-54', '55-59', '60-64', '65-69', '70-74', '75-79', '80-120'])) { let ages = req.query.agegroup.split('-'); return calc(ages[0], ages[1]); } return {max_year: now, min_year: 0}; }
canReceive (type, property, value) { let propertyObject = this._getPropertyObject(type, property); if (!propertyObject) { return false; } switch (propertyObject.type) { case 'boolean': return validator.isIn(value, ['true', 'false']); case 'float': return validator.isFloat(value); case 'percentage': return validator.isInt(value, { min: 0, max: 100 }); case 'enum': return validator.isIn(value, propertyObject.oneOf); case 'blank': return true; case 'string': return true; default: return false; } }
getPosts: function (req, res, next) { var defaultOptions = { from: 0, count: 20 }, allowedSource = ['feed']; var body = req.body; var errors = []; var options = _.extend(defaultOptions, body); if( !options.source || !options.source.name || !options.source.params || !options.source.params._id){ errors.push('Cannot find resource'); } if( !validator.isIn(options.source.name, allowedSource) ){ errors.push('Resource is not recognized'); } if(errors.length){ res.finish.resolve({message: "Cannot find resource"}); return next(new HttpError(400, { message: errors })); } if( req.user ){ options.user = {}; options.user._id = req.user._id; } PostModel.getPosts(options, function (err, posts) { if(err){ logger.error(err.message); res.finish.resolve({message: err.message}); return next(new HttpError(400, { message: err })); } res.finish.resolve(posts); res.status(200); res.send(posts); }); }
auth.post('/api/auth/signInWithEmail', bodyParser, async (ctx) => { const {email, path} = ctx.request.body; if (!validator.isIn(path, ['/', '/users/me']) // hard-code white-list redirect paths || !validator.isEmail(email)) { ctx.throw(400); } const emailToken = base58.encode(crypto.randomBytes(16)); if (!emailTokenCache.set(emailToken, {email: validator.normalizeEmail(email), path})) { ctx.throw(500); } const cbUrl = `${process.env.HOST_URL}/et/${emailToken}`; sparkPost.transmissions.send({ transmissionBody: { content: { from: { name: "cutlog", email: "*****@*****.**" }, subject: 'e-mail sign-in', reply_to: 'Amit Portnoy <*****@*****.**>', text: ` Sign-in to cutlog with the following link: ${cbUrl} `, html: ` <div>Sign-in to cutlog with the following link: <br><br> <a href="${cbUrl}">${cbUrl}</a> </div> ` }, recipients: [{address: {email}}] } }, function (err, res) { if (err) { console.log('Whoops! Something went wrong'); console.error(err); } else { console.log(res.body); } }); // next if anyone calls /et/<emailToken> before exp it will be redirected to path console.log('passwordless sent: ' + emailToken); ctx.status = 202; //(Accepted) });
function(req, res){ if (!validator.isIn(req.body.indexerId, Object.keys(app.indexers))) return res.status(400).json({ indexerId: [ 'isIn' ] }); if (!validator.isInt(req.body.indexerShowId)) return res.status(400).json({ indexerShowId: [ 'isInt' ] }); app.indexers[req.body.indexerId].getTvShowById(req.body.indexerShowId, function(err, show){ TvShow.create(show).then(function(tvShow){ app.jobs.create('refreshTvShow', tvShow).priority('high').save(); return res.status(200).json(tvShow); }).catch(function(err){ return res.status(400).json(err); }); }); }
return new Promise((resolve, reject) => { let objRet = {}; if (status !== utils.OPERATION_STATUS.DELETE && status !== utils.OPERATION_STATUS.SELECT ) { user['username'] = validator.trim(validator.escape(user['username'].toString() || '')); user['email'] = validator.trim(validator.escape(user['email'].toString() || '')); user['password'] = validator.trim(validator.escape(user['password'].toString() || '')); user['active'] = validator.trim(validator.escape(user['active'].toString() || '0')); if (validator.isNull(user['username'])) objRet['username'] = '******'; if (validator.isNull(user['password'])) objRet['password'] = '******'; let emailNull = validator.isNull(user['email']); if (emailNull) objRet['email'] = 'Email é de preenchimento obrigatório.'; if (!emailNull && (!validator.isEmail(user['email']))) objRet['email'] = 'Email informado não é válido.'; let activeNull = validator.isNull(user['active']); if (!activeNull && (!validator.isIn(user['active'], [0, 1]))) objRet['active'] = 'Status informado não é válido.'; if (status === utils.OPERATION_STATUS.NEW) { user['passwordbis'] = validator.trim(validator.escape(user['passwordbis'].toString() || '')); if ((!validator.isNull(user['password'])) && (validator.isNull(user['passwordbis']))) objRet['passwordbis'] = 'Confirmação da senha é de preenchimento obrigatório.'; if ((!validator.isNull(user['passwordbis'])) && (!validator.isNull(user['password'])) && (!validator.equals(user['password'], user['passwordbis']))) { objRet['passwordValid'] = 'Senhas não coincidem.'; } } } if (status === utils.OPERATION_STATUS.UPDATE || status === utils.OPERATION_STATUS.SELECT || status === utils.OPERATION_STATUS.DELETE) { user['_id'] = validator.trim(validator.escape(user['_id'].toString() || '')); let idNull = validator.isNull(user['_id']); if (idNull) objRet['_id'] = 'Id do usuário é de preenchimento obrigatório.'; if (!idNull && (!validator.isMongoId(user['_id']))) objRet['_id'] = 'Id do usuário informado é inválido.'; } if (Object.keys(objRet).length !== 0) { reject(objRet); } else { resolve(user); } });
return new Promise((resolve, reject)=> { user['_id'] = validator.trim(validator.escape(user['_id'].toString() || '')); user['idparent'] = validator.trim(validator.escape(user['idparent'].toString() || '')); user['type'] = validator.trim(validator.escape(user['type'].toString() || '')); let objRet = {}; let typeNull = validator.isNull(user['type']); let idUserNull = validator.isNull(user['_id']); let idParentNull = validator.isNull(user['idparent']); if (typeNull) objRet['type'] = 'Tipo do usuário é de preenchimento obrigatório.'; if (!typeNull && (!validator.isIn(user['type'], ['student', 'teacher', 'manager', 'master']))) objRet['type'] = 'Tipo do usuário informado não é válido.'; if (idUserNull) objRet['_id'] = 'Id do usuário é de preenchimento obrigatório.'; if (!idUserNull && (!validator.isMongoId(user['_id']))) objRet['_id'] = 'Id do usuário informado é inválido.'; if (idParentNull) objRet['idparent'] = 'Id da pessoa é de preenchimento obrigatório.'; if (!idParentNull && (!validator.isMongoId(user['idparent']))) objRet['idparent'] = 'Id da pessoa informado é inválido.'; if (Object.keys(objRet).length !== 0) { reject(objRet); } else { let query = {_id: user['_id']}; let data = {}; if (user['type'].toString() === 'student') { data = { $set: { "student_id": user['idparent'] } }; } else if (user['type'].toString() === 'teacher') { data = { $set: { "teachers_id": user['idparent'] } }; } else if (user['type'].toString() === 'manager') { data = { $set: { "manager_id": user['idparent'] } }; } else if (user['type'].toString() === 'master') { data = { $set: { "master_id": user['idparent'] } }; } let options = { safe: true, upsert: false, new: true }; usersModel.users.findOneAndUpdate(query, data, options, (err, data) => { if (err) { reject(err); } else { resolve(data); } }); } });
NANA.prototype.isIn = function isIn(values) { if (!this.flag) return this; this.flag = validator.isIn(this._curArgs, values); return this; };
Validator.notIn = (value, ...values) => { return !value || !validator.isIn(value, values); };
function(err, results) { if (err) { next(err); } else { var document = results[0]; var bridges = results[1]; if (document) { if ( ! hasPermissionToEdit( req.user, document )) { res.status(403); next(new Error('No permission to access other users.')); return; } else { if (req.user._id.toString() == id) document.pronouned = "me"; else document.pronouned = document.name; var hash = {}; if (req.body.displayName) document.displayName = hash.displayName = validator.toString(req.body.displayName); else document.displayName = hash.displayName = ''; if (req.body.visibility) if (validator.isIn(req.body.visibility, ["none", "users", "everyone"])) document.visibility = hash.visibility = req.body.visibility; if ((req.body.email) && (validator.isEmail(req.body.email))) document.email = hash.email = validator.normalizeEmail(req.body.email); else document.email = hash.email = ''; if ((req.body.website) && (validator.isURL(req.body.website))) document.website = hash.website = req.body.website; else document.website = hash.website = ''; if (req.body.birthday) document.birthday = hash.birthday = validator.toDate(req.body.birthday); else document.birthday = ''; if (document.birthday) { document.formattedBirthday = moment(new Date(document.birthday)).format('MMMM D, YYYY'); } if (req.body.biography) document.biography = hash.biography = validator.toString(req.body.biography); else document.biography = hash.biography = ''; if (req.body.location) document.location = hash.location = validator.toString(req.body.location); if (document.email) document.gravatar = crypto.createHash('md5').update(validator.normalizeEmail(document.email)).digest("hex"); // Only superusers can edit flags if (req.user.superuser) { if (req.body.isInstructor) document.isInstructor = hash.isInstructor = true; else document.isInstructor = hash.isInstructor = false; if (req.body.isAuthor) document.isAuthor = hash.isAuthor = true; else document.isAuthor = hash.isAuthor = false; if (req.body.isGuest) document.isGuest = hash.isGuest = true; else document.isGuest = hash.isGuest = false; if (req.body.superuser) document.superuser = hash.superuser = true; else document.superuser = hash.superuser = false; } mdb.User.update( {_id: new mongo.ObjectID(id)}, {$set: hash}, function(err, d) { if (err) res.send(500); else { res.render('user/profile', { userId: req.params.id, user: req.user, updated: true, bridges: bridges, script: "user/profile", person: document, editable: true, title: 'Profile' } ); } }); } } else { res.status(404).json({}); } } });
Validator.in = (value, ...values) => { return !value || validator.isIn(value, values); };
return new Promise( (resolve, reject) => { let objRet = {}; if (status !== utils.OPERATION_STATUS.DELETE && status !== utils.OPERATION_STATUS.SELECT) { course['identify'] = validator.trim(validator.escape(course['identify'].toString() || '')); course['name'] = validator.trim(validator.escape(course['name'].toString() || '')); course['active'] = validator.trim(validator.escape(course['active'].toString() || '')); course['description'] = validator.trim(validator.escape(course['description'].toString() || '')); course['duration']['start'] = validator.trim(course['duration']['start'].toString() || ''); course['duration']['end'] = validator.trim(course['duration']['end'].toString() || ''); course['course_type']['_id'] = validator.trim(validator.escape(course['course_type']['_id'].toString() || '')); course['course_type']['description'] = validator.trim(validator.escape(course['course_type']['description'].toString() || '')); if (validator.isNull(course['description'])) objRet['description'] = 'Descrição é de preenchimento obrigatório.'; if (validator.isNull(course['identify'])) objRet['identify'] = 'Identificador é de preenchimento obrigatório.'; if (validator.isNull(course['name'])) objRet['description'] = 'Nome do curso é de preenchimento obrigatório.'; if (validator.isNull(course['duration']['start'])) objRet['start'] = 'Data de início é de preenchimento obrigatório.'; else if (!validator.isDate(course['duration']['start'])) objRet['start'] = 'Data de início informada não é válida.'; if (validator.isNull(course['duration']['end'])) objRet['end'] = 'Data de término é de preenchimento obrigatório.'; else if (!validator.isDate(course['duration']['end'])) objRet['end'] = 'Data de término informada não é válida.'; if (validator.isNull(course['course_type']['description'])) objRet['course_type_description'] = 'Tipo do curso é de preenchimento obrigatório.'; if (validator.isNull(course['course_type']['_id'])) objRet['course_type__id'] = 'id do Tipo do curso é de preenchimento obrigatório.'; else if (!validator.isMongoId(course['course_type']['_id'])) objRet['course_type__id'] = 'id do Tipo do curso informado não é válida.'; if ((!validator.isNull(course['active'])) && (!validator.isIn(course['active'], [0, 1]))) objRet['active'] = 'Status informado não é válido.'; } if (status === utils.OPERATION_STATUS.UPDATE || status === utils.OPERATION_STATUS.SELECT || status === utils.OPERATION_STATUS.DELETE) { course['_id'] = validator.trim(validator.escape(course['_id'].toString() || '')); let idNull = validator.isNull(course['_id']); if (idNull) objRet['_id'] = 'Id do curso é de preenchimento obrigatório.'; else if (!validator.isMongoId(course['_id'])) objRet['_id'] = 'Id do curso informado é inválido.'; } if (Object.keys(objRet).length !== 0) reject(objRet); else { objRet = null; resolve(course); } });
validate: (val) => validator.isIn(String(val), values)
return function () { var actual = arguments[0] + ''; return validator.isIn(actual, target); };
_load: function(data) { // Step 1 - Check that required properties exist if (!data) { throw new Error(this['@class'] + ' tried to instantiate with no data.'); } for (var i in this.properties) { if (this.properties[i].required && data[i] == undefined) { throw new Error(this['@class'] + ' tried to instantiate with missing required parameter [' + i + '].'); } } // Remove any nulls for (var i in data) { if (data[i] == null) { delete data[i]; } } // Step 2 - Validate properties for (var i in data) { if (this.properties[i]) { // Property exists, validate it switch (this.properties[i].type) { case 'rid': if (Validate.isLength(data[i], 3, 64)) { this[i] = data[i]; } else { throw new Error(this['@class'] + ' tried to instantiate with invalid [@rid:rid].'); } break; case 'string': if (Validate.isLength(data[i], this.properties[i].min, this.properties[i].max)) { this[i] = Validate.trim(data[i]); } else { throw new Error(this['@class'] + ' tried to instantiate with invalid [' + i + ':string] [' + data[i] + '].'); } break; case 'email': if (Validate.isLength(data[i], 5, 256) && Validate.isEmail(data[i])) { this[i] = Validate.trim(data[i]); } else { throw new Error(this['@class'] + ' tried to instantiate with invalid [' + i + ':email] [' + data[i] + '].'); } break; case 'decimal': if (Validate.isFloat(parseFloat(data[i]))) { this[i] = parseFloat(data[i]); } else { throw new Error(this['@class'] + ' tried to instantiate with invalid [' + i + ':decimal] [' + data[i] + '].'); } break; case 'long': case 'short': if (Validate.isInt(parseInt(data[i]))) { this[i] = parseInt(data[i]); } else { throw new Error(this['@class'] + ' tried to instantiate with invalid [' + i + ':long/short] [' + data[i] + '].'); } break; case 'url': if (!this.properties[i].required || Validate.isURL(data[i])) { this[i] = data[i] } else { throw new Error(this['@class'] + ' tried to instantiate with invalid [' + i + ':url] [' + data[i] + '].'); } break; case 'enum': if (Validate.isIn(data[i], this.properties[i].options)) { this[i] = data[i] } else { throw new Error(this['@class'] + ' tried to instantiate with invalid [' + i + ':enum] [' + data[i] + '].'); } break; } } } },
compatibleValidator.notIn = function(str, options) { return !validator.isIn(str, options); };
validate: function(attributes) { var errorFields = []; if (!validator.isIn(attributes.type, ["in", "out"])) { errorFields.push({ fieldRef: "type", msg: "type has to be either 'in' or 'out'" }); } if (!validator.isDate(attributes.booked)) { errorFields.push({ fieldRef: "booked", msg: "booked has to be a Date" }); } else { if (!validator.isAfter(attributes.booked, new Date(2010))) { errorFields.push({ fieldRef: "booked", msg: "booked too old" }); } if (!validator.isBefore(attributes.booked, new Date())) { errorFields.push({ fieldRef: "booked", msg: "no future dates" }); } } if (!validator.isLength(attributes.description, 1, 100)) { errorFields.push({ fieldRef: "desc", msg: "description required but can't be longer than 100 characters" }); } if (!validator.isFloat(attributes.value)) { errorFields.push({ fieldRef: "value", msg: "value has to be a number" }); } if (attributes.value <= 0 || attributes.value > 1000000) { errorFields.push({ fieldRef: "value", msg: "value has to be between 0 and 1000000" }); } if (!validator.isIn(attributes.ust, [0, 7, 19])) { errorFields.push({ fieldRef: "ust", msg: "ust has to be either 0, 7 or 19" }); } if (errorFields.length > 0) { return errorFields; } }
return new Promise( (resolve, reject) => { let objRet = {}; if (status === utils.OPERATION_STATUS.NEW || status === utils.OPERATION_STATUS.UPDATE) { item['day'] = validator.trim(validator.escape(item['day'].toString() || '')); item['subject'] = validator.trim(validator.escape(item['subject'].toString() || '')); item['duration']['start'] = validator.trim(item['duration']['start'].toString() || ''); item['duration']['end'] = validator.trim(item['duration']['end'].toString() || ''); if (validator.isNull(item['subject'])) objRet['subject'] = 'Id da matéria é de preenchimento obrigatório.'; else if (!validator.isMongoId(item['subject'])) objRet['subject'] = 'Id da matéria informado é inválido.'; if (validator.isNull(item['day'])) objRet['day'] = 'Dia da semana é de preenchimento obrigatório.'; else if (!validator.isInt(item['day'])) objRet['day'] = 'Dia da semana informado é inválido.'; else if (!validator.isIn(item['day'], [1, 2, 3, 4, 5, 6, 7])) objRet['day'] = 'Dia da semana informado é inválido.'; if (validator.isNull(item['duration']['start'])) objRet['start'] = 'Data de início é de preenchimento obrigatório.'; else if (!validator.isDate(item['duration']['start'])) objRet['start'] = 'Data de início informada não é válida.'; if (validator.isNull(item['duration']['end'])) objRet['end'] = 'Data de término é de preenchimento obrigatório.'; else if (!validator.isDate(item['duration']['end'])) objRet['end'] = 'Data de término informada não é válida.'; } if (status === utils.OPERATION_STATUS.DELETE) { item['_idschedule'] = validator.trim(validator.escape(item['_idschedule'].toString() || '')); if (validator.isNull(item['_idschedule'])) objRet['_idschedule'] = 'Id do item do cronograma é de preenchimento obrigatório.'; else if (!validator.isMongoId(item['_idschedule'])) objRet['_idschedule'] = 'Id do item do cronograma informado é inválido.'; item['_idsubject'] = validator.trim(validator.escape(item['_idsubject'].toString() || '')); if (validator.isNull(item['_idsubject'])) objRet['_idsubject'] = 'Id da matéria é de preenchimento obrigatório.'; else if (!validator.isMongoId(item['_idsubject'])) objRet['_idsubject'] = 'Id da matéria informado é inválido.'; } item['_id'] = validator.trim(validator.escape(item['_id'].toString() || '')); if (validator.isNull(item['_id'])) objRet['_id'] = 'Id do Curso é de preenchimento obrigatório.'; else if (!validator.isMongoId(item['_id'])) objRet['_id'] = 'Id do Curso informado é inválido.'; if (Object.keys(objRet).length !== 0) reject(objRet); else { objRet = null; resolve(item); } });
socket.on('publish-alert', function(image, lat, lng, icon, note, expires, callback) { //check if user is authenticated to server if (facebookUserId) { //strictly check callback function if (typeof (callback) !== 'function') return; //check lat and lng if (!(validator.isFloat(lat) && validator.isFloat(lng))) { callback(null, 'Lat or lng have no valid value (float expected).'); functions.log(messagePrefix + ' bad arguments lat, lng'); // + (!res ? 'error occurred' : res.error) return; } //check note if (!(note !== null && note.length >= 4)) { callback(null, 'Note has no valid value (min 4 characters expected).'); functions.log(messagePrefix + ' bad argument note'); // + (!res ? 'error occurred' : res.error) return; } //sanitize note note = validator.escape(note); //check icon if (!validator.isIn(icon, config.allowedIcons)) { callback(null, 'Icon has no valid value.'); functions.log(messagePrefix + " bad argument icon"); // + (!res ? 'error occurred' : res.error) return; } //check if image is not null or false if(!image) { callback(null, 'Image in alert is not valid!'); functions.log(messagePrefix + " bad argument image"); return; } //parse image var imageBuffer = functions.decodeBase64Image(image); //check image if (!(imageBuffer !== null && imageType(imageBuffer.data) === 'jpg')) { callback(null, 'Image in alert is not valid!'); functions.log(messagePrefix + " bad argument image"); return; } //validate expires datetime var expire_on = validator.toDate(expires); if (!expire_on) { callback(null, 'Date is not valid!'); functions.log(messagePrefix + " wrong date"); return; } if (!validator.isAfter(expire_on, new Date((new Date()).getTime() + (5 * 60 * 1000)))) { callback(null, 'Date must be more in future!'); functions.log(messagePrefix + " date is not enough in future"); return; } //if everything is ok mysqlPool.query('INSERT INTO `alerts` SET ?, `published` = NOW() ', {facebook_app_id: facebookAppId, facebook_user_id: facebookUserId, lat: lat, lng: lng, icon: icon, note: note, expire_on: expire_on}, function(err, result) { //db error? if (err) { callback(null, 'Error in saving alert to database. Please try to insert new alert later..'); functions.log(messagePrefix + " insert db error: " + err); return; } //set path to image var path = config.imagesPath + result.insertId + '.jpg'; //writes the file fs.writeFile('public/' + path, imageBuffer.data, function(err) { //error writing file ? if (err) { callback(null, 'Error in saving alert to database. Please try to insert new alert later..'); functions.log(messagePrefix + ' writing image error for path=' + path); // + (!res ? 'error occurred' : res.error) return; } //update row and set path mysqlPool.query("UPDATE `alerts` SET `path` = ? WHERE `id` = ?", [path, result.insertId], function(err) { //error with updating row ? if (err) { callback(null, 'Error in saving alert to database. Please try to insert new alert later..'); functions.log(messagePrefix + ' error updating path for id=' + result.insertId); return; } functions.log(messagePrefix + 'Alert with id=' + result.insertId + ' is sucesfully saved'); //notify clients mysqlPool.query('SELECT `id`, `facebook_app_id`, `lat`, `lng`, `icon`, `path`, `note`, `published`, `expire_on` FROM `alerts` WHERE `id` = ?', result.insertId, function(err, rows) { if (err === null) { var row = rows[0]; //notify sender row.owner = 1; callback(row); //notify other connected and token checked clients row.owner = 0; socket.broadcast.to('token-checked').emit('new-alert', row); } }); }); }); }); } else callback(null, 'You are not correctly logged into server. Please at first call message log-in with FB token!'); });
containsCheck: function(options, x) { check(x, "one of the possible values: " + options.join(","), validator.isIn(x, options)); },
// helper for asserting that a value is in the list of valid options function contains (options, x) { assert(validator.isIn(x, options), 'must be one of the possible values: ' + JSON.stringify(options)); }
'notIn' : function (x, arrayOrString) { return !validator.isIn(x, arrayOrString); },
function extractCategory(req) { if (!_.isEmpty(req.query.category) && validator.isIn(req.query.category, ['m', 'f', 'all'])) { return req.query.category; } return 'all'; }